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Learn more 


V 


Competition ends in 1l days 


Lens Protocol V2 


An open technology stack, builders can create social front-ends or integrate Lens 
social capabilities. 


Make a submission 


Start date 

17 Jul 1:00 PM 
End date 

31 Jul 1:00 PM 
Total awards 
$85,500 USDC 
Duration 


14 days 


Details Your Findings 


Lens Protocol V2 audit details 


We want to proposal this structure for the prize pool (please remove this line if 
you are ok with it if not chat in discord) 


e Total Prize Pool: $85.500 USDC 
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p Bn ee SS m Se 


HM awards: $63,000 USDC 
Analysis awards: $0 USDC 

QA awards: $1,750 USDC 

Bot Race awards: $5,250 USDC 
Gas awards: $0 USDC 

Judge awards: $9,000 USDC 
Lookout awards: $6,000 USDC 
Scout awards: $500 USDC 


e Join C4 Discord to register 
e Submit findings using the C4 form 
e Read our guidelines for more details 
e Starts July 17, 2025 20:00 UTC 
e Ends July 31, 2025 20:00 UTC 
note that for this contest, gas optimizations AND Analysis Reports are 


both out of scope. The Lens Protocol team will not be awarding prize funds 
for gas-specific submissions. 


Automated Findings / Publicly Known Issues / 
Clarifications & Assumptions 


Automated findings output for the audit can be found here. 


Note for C4 wardens: Anything included in the automated findings output is 
considered a publicly known issue and is ineligible for awards. 


Below is a list of statements we wish to clear up, these are not bugs it as 
design but flagging so nobody raises them: 
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e You can link a LensHandle to a Profile and on transfer of that handle or 


profile the link will still be valid. The new owner will need to unlink for it to 


be removed. 


e Referral system: 


Duplicated referrals are allowed. 


A user that is about to act on a publication can always first interact 
(mirror, quote, comment) and then act passing its own publication as 
referral (wether he is using the same profile or an alt profile he also 
owns). This not only applies to act, but also to mirror, quote and 
comment. 


A user can pass itself as unverified referral for any action trying to get 
a benefit. However, take into account that specific module 
implementations can reject unverified referrals. 


e All contracts' critical roles (like the owner address in the Ownable pattern) 


are expected to be secure multisigs, not EOAs. 


e There are five TODOs inside the contracts/ directory: LensHandles (#1, 
#2), Types (#3, #4), LensSeaDropCollection (#5 this file is out of the 
audit scope). These TODOs will be resolved later. 


e Breaking changes from VI to V2: 


Follow NFT delegation power feature removed. It might be added in 
the future, compatible with DAO Governors. 


Lens V1 Collect and Reference modules that were querying the 
Follow state will fail after V2 upgrade, given that 
isFollowing(uint256 profileId, address follower, uint256 
followNFTTokenId) function is not part of the Follow module 


interface anymore. 
Function interfaces have changed for most of them. 
Cannot comment on mirrors anymore. 


Indexers will need to adapt to new events. 
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e You can still act and legacy collect publications of burnt profiles. Unless 
the modules contain logic that requires profile existence. 


e Publications from burnt profiles are allowed as verified referrals, unless 
the modules contain logic that requires referral profiles existence. We 
might change this to not be allowed. 


e Whitelisted profile/handle creators are expected to be trusted (i.e. Lens 
V1 - C4 | M-OS, Lens VI - C4 | M-04, Lens V1 - C4 | M-12 are "by 
design"). Thus, any malicious behaviour is not contemplated as a bug. For 
example, front-running between each-other, handle squatting, 
creation/minting of any amount of desired profiles, etc. 


e Governance and Proxy Admins are trusted. Issues that can come from 
Governance malicious executions or Proxy Admins malicious upgrades 
will not be taken into account (for example, a LensHub upgrade that will 
perform malicious actions on users who gave approvals to it Lens V1 - C4 
| M-06, or Governance whitelisting a malicious/erroneous module on 
purpose Lens V1 - C4 | M-10). This is part of the risk model assumptions 
and its management will become more decentralized over time. 


Overview 


Lens V1 docs to learn more about the Lens Protocol. 


Although these docs are for Lens V1, they are still useful to understand the 
Lens Protocol in general. To see the changes done in Lens V2 - look at the 
next section. 


Upgrade from Lens V1 to V2 will be done in-place using a transparent proxy 
pattern, knowdlege about Lens V1 is required in the context of upgrade and 
migration success, including unexpected breaking changes. 


What is Lens v2 and Lens in general? 


Lens Protocol is a social graph built on-chain, designed to empower creators 
to own their identities, and links between themselves and their community, 
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forming a fully composable, user-owned social graph. The protocol is built 
from the ground up with modularity in mind, allowing new features and fixes 
to be added while ensuring immutable user-owned content and social 
relationships. 


Lens V2 is the first big upgrade of the Lens Protocol, it aims to improve the 
protocol design based on all the learnings after its first year, as well as 
introduce some new interesting features: 


e All the social operations are now Profile-based, instead of address-based, 
meaning that they require to be performed by a Profile 
e You can no longer follow with an address. All follows are required to 
be done by a Profile 


e Legacy Collect action, and new Publication Actions are now 
executed by Profiles (common proxy profiles might be used to 
support address-based collects if wanted) 


e Follow NFTs are optimized for the best UX by not being ERC-721 by 
default. They now have two states: 
e Unwrapped (default, non-ERC-721 state): Tied to the follower Profile, 
meaning they move with the follower Profile when it is transferred to 
a different address 


e Wrapped (opt-in, ERC-721 state): Follow NFTs natively support being 
wrapped into ERC-721 tokens, to get the best out of composability 
with other protocols 


e Ownership/Custody of the Follow NFT is no longer related to the 
following state, the follower profile is set as a field inside the Follow 
NFT. This enables a lot of interesting use cases and improvements. 
e Addition of the Advanced Referral System (more details below) 
e Addition of Publication Action Modules 


e Addition of Delegated Executors (more details below) 
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e Lens Handles are now ERC721s and managed by a separate contract 


e TokenGuardian pattern introduced on both Profiles and Handles to supply 
additional protection of social assets 


e All code was reworked and rewritten from scratch 


e Many more fixes and improvements 


Many of the things mentioned above introduce breaking changes in the 
protocol. 


Special logic found in this contest 


e The ControllableByContract pattern that we introduced to allow 
preparing upgrades on beforehand, automating them through contracts 
and testing them in forks, while also avoiding the risk of transferring 
ownership of Governance and ProxyAdmin. 


e The Follow NFT design. 


Areas of specific concern 


Please give special attention to Upgrade and Migration procedures, and 
anything that can get broken after the V2 upgrade (like the breaking changes 
mentioned in the "Publicly Known Issues" section). For that you might need to 
refer to the Lens V1 code. 


The ControllableByContract pattern introduced, as it will be used by 
Governance and ProxyAdmin contracts, the latter being the most critical piece 
of Lens Protocol's security. 


Definition of words and terms in Lens codebase 


e Delegated Executor: An address allowed to manage a the social 
operations of a profile (following, posting, commenting, mirroring, 
acting). This was specially motivated by the use case of holding the profile 
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in a secure wallet (e.g. hardware wallet or multisig), and delegating 
execution to another wallet (e.g. a hot wallet in your phone). 


e Transaction Executor: The msg.sender in a regular transaction, the signer 
in a meta-transaction. Take into account that this can be either the owner 
of a profile, as well as one of its delegated executors. 


e Publication: Either a Post, Comment, Quote or Mirror. Do not confuse the 
generic term "Publication" with "Post", which is an specific type of 
Publication. 


e Mirror: An amplification of a Post, Comment or Quote. For example, on 
Twitter it would be a "Retweet", on Instagram a "Repost", etc. 


* Legacy Collect: The collect operation from Lens V1. It says "Legacy" as in 
Lens V2 it was re-implemented as a Publication Action. 


e Token Guardian: Protection mechanism for the tokens held by an 
address, which restricts transfers and approvals when enabled. See LIP-4 
for more. 


e Pure-V2 Tree: A tree of interactions formed by all Lens V2 publications. 
Basically, a set of Lens V2 comments, quotes and/or mirrors that 
converge on a Lens V2 post. 


« Non-Pure V2 Tree or Vl-Contaminated Tree: A tree of interactions that 
has a V1 post at the root, and some mix of V1/V2 
comments/quotes/mirrors. 


e Target: A publication that an operation is performed on (publication that 
is being acted on, or a publication that is being 
commented/quoted/mirrored). 


e Referrer or Referral: A publication that allowed the discovery of the 
TARGET which led to an operation on TARGET (e.g. a mirror that led to a 
collect of the original post, etc). 


e Unverified referrals: Referrals passed just as profiles (no publication 
specified), which are not verified if they're connected to the Target 
publication by the referral system. 
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Lens V2 Advanced Referral system 


In V2 we introduced a complex Referral System, which supports verified and 
non-verified referrals for any module action that is performed on a publication 
(Reference Modules, Action Modules). 

Referral system allows to reward users that helped to discover a publication, 
and also to reward original posters for any activity that happens below, and 
reward the applications and Uls that are used to interact with Lens Protocol 
and help the discovery of content. 


Lens V2 Referral System supports: 


e Passing multiple referrals. 


e Passing any publication as a referral as long as it originates from the same 
post (any from a multi-branch tree of comments/quotes/mirrors of a 
single post). 

e Upwards and downwards referrals (a post can be a referral for it’s 
comment/quote, and vice-versa), allowing to award original posters for 
any activity that happens below. 


e Non-verified referrals: you can pass a profile as a referral (good for 
mentions, or front-ends, anything that allowed a person to discover 
something). 


Referral System Rules 

As we upgrade from Lens V1 to Lens V2, we need to take into account that not 
all publications would support the new Referral system (Lens V1 publications 
are supported only partly): 


e Rule #1 - About Pure-V2 Trees: all the new complex interactions and 
referrers that were introduced in V2 work as expected. 
e Mirrors cannot be a target, but any other publication (post, comment, 
quote) can. 
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e The same publication cannot be simultaneously a target and a 


referrer. Basically, a publication cannot be referrer of itself. 


e Any publication can be referrer of another publication if exists a path 


(conformed by quotes, comments and/or mirrors) from each of them 
to the same root post. 


The path can go upwards and downwards (later comments can be 
referrer of the earlier ones, and vice versa). 


e Rule #2 - About Non-Pure Trees: referrers only work for “direct/pointed” 


publications: 


Only 1 level of depth between target and referrer is allowed (as root 
publication is not forwarded on non-pure v2 trees). 


Only downwards publication can be a referral (e.g. in a 
post«-comment situation, only the comment can refer a post, but not 
the other way around). 


V2 pubs support referrals for act and reference modules. Basically, 
referrals are supported when acting, mirroring, quoting and 
commenting. 


V1 publications did not support referrals in the reference modules, so 
any comment/mirror interaction on a V] pub should not support a 
referral. 


During Legacy Collect of V1 publications only a single mirror (either 
V1 or V2 mirror) directly pointing to the target is supported as a 
referrer. 


e Rule £3 - Non-Verified Referrals (profile referrals): should work in all V1 
and V2 publications that support referrals 


Why there is a difference between Pure and Non-Pure trees? 


In V2 we introduced a “ROOT” - which is a post, and all the comments/quotes 


have this root copied recursively. So all the publication tree can always refer 
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and check if two publications belong to the same ROOT - originating from the 


same post. 
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But in Vl we didn't have a concept of a “ROOT”, so the existing V1 trees don't 


have it. 


Lens V2 Publication Layer 


Lens, like all S N ks, has content - p: comments, etc. 


Each Profile of Lens can publish or interact with the content 


Profiles can publish new content or interact with 
existing publications via LensHub 


ence Modul 


https://code4rena.com/contests/2023-07-lens-protocol-v2#top 


Types of Publications on Lens V2 


Lens V2 has four different kinds of publications. They differ slightly in their logic, but main categories 
are Posts (unique r ring publications mments/Quotes/ Mirrors that refer to 
the original Posts or to 


Referring to content 
Unique content not referring 


Mirror 


Action Module 
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Lens V2 Social Layer diagram 


Lens core concept are ProfileNFTs, who can weave the social network by 
following each other, and have Handles (names) attached to them 


LensHub V2 
(upgradeable 


Can create a 
ProfileCreationProxy | Lens Profile 


Profiles can 


follow Profiles 
ProfileNFT 


Profile #123 


Can link Profiles 


Can create a with Handles 


Lens Handle | ensHandie 
LensHandles "handle.lens" 


(upgradeable) 


TokenHandleRegistry 
(upgradeable) 


MigrateProfiles(uint alldata profile 


We check if the profile has already been migrated by checking 
. DEPRECATED handle !- "" (V2 profiles do not have Handles, it's 


We mint a new Handle NFT with the same handle the V1 profile 
had using a special migrateHandle(...) function in LensHandles 


We register the Profile<>Handle link using a special 


managed in a separate LensHandles & TokenHandleRegistry contract) 


migrateHandle(...) 


migrationLink( 
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Profiles who had been followed each 
deploy their own FollowNFT Clone 
Follow #123 


| Can be wrapped as ERC721 


FollowNFT 
Imp! 


ollowNFT of Profile) | 


^ — Can be unwrapped back again 


Follow #456 


ProfileNFT 
Profile #456 


Lens V1->V2 Migration Scheme 


We have a LensV2Migration contract that is part of LensHub V2 (and to be removed during 
the next upgrade after the migration is successful). 


Because of slightly different concepts applied in V2 we have to migrate Profiles, Follows 
and FollowModules of Profiles. 


Anyone can call migration functions because they are made in non-conflicting and non- 
reverting way (they just skip if something was already migrated and tried to migrate twice) 


Lens Handles 


migrationLink(...) function in TokenHandleRegistry 


emit ProfileMigrated(...) event 


LensHub emits a Follow(...) event if tryMigrate( 
succeeded and returned non-zero value for 
mintTimestamp 


MigrateFollowModules(uint2 calldata 


for each profile in profilelds[] 


) 
À TokenHandleRe 


FollowNFT for 
a given Profile 


lOWwNFT , 


User who is migrated must hold the ProfileNFT and FollowNFT in the same account 


FollowNFT should not have ‘originalFollowTimestamp’ set (introduced in V2 - this is 
how we distinguish between V1 non-migrated follows and V2 follows) 


We set the new V2 params and burn the FollowNFT (cause this is now the default 
state - following without followNFT as ERC721) 


Replaces the legacy FeeFollowModule with new FeeFollowModule, 
and initializes it with same parameters 


Clears the ProfileFollowModule if the Profile had it (because it's no longer 
used in V2, as the restriction to follow using a profile is enforced natively) 
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Lens V1->V2 Upgrade scheme 


on LensV2UpgradeContract that has all paramet 
ntrol ProxyAdmin contract to perform an upgrac 


During the upgrade we re! 
immutable 


ons betwee 


security 
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Owner 


Owner 


executeLensV2Upgrade() 


ControllerContract == 


proxy upgrade(newlmpl) 


ProxyAdmin 


proxy upgrade(newlmpl) | LensV2UpgradeContract D 


MultiSig 


proxy upgradeAndCall(newlmpl, data) 
proxy changeAdmin(newAdmin) 


rollbackLastUpgrade() 


proxy upgradeAndCall(newlmpl, data) 


lensHub whitelistProfileCreator(profileCreator, bool) 


setControllerContract(newController) lensHub whitelistFollowModule(followModule, bool) 


clearControllerContract() clearControllerContract() lensHub whitelistReferenceModule(referenceModule 


lensHub whitelistActionlV (actionModule, bool) 


lensHub whitelistCollectModule(collectModule, bool) 
executeAsGovernance(target, data) 


clearControllerContract() 


upgrade To(newimplementation) upgrade To({newimplementation) 


D Governance} 
lensHub_setGovernance(newGov) Mult 


upgrade ToAndCall(newimplementation, data) upgrade ToAndCall(newimplementation, data) 


all of the Controller functions above and 


upgrade To(previousimplementation) 


changeAdmin(newAdmin) 
i lensHub setEmergencyAdmin(newEmergencyAdmin) 


EE setControllerContract(newController) 


ControllerContract 


LensHub 


TransparentProxy 


LensHub V1 


Implementation 


LensHub V2 


Implementation 


all whitelist functions 
setGovernance(newGovernance) 


setEmergencyAdmin(newEmergencyAdmin) 


Post by (alice 
Selling my Punk! 


% Referral Fees 


166 ETH) 


Quote by @bob 


Look, @alice is selling her 
Punk OMGII! 


Comment by (2carl 


This punk isn't worth it.. 


Post by (alice 
Selling my Punk! 


1096 Referral Fees 


Comment by (daniel 


Disagree - this Punk could 
be 150 ETH easily! 
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contracts/ | 265 
LensHub.s 
ol 


contracts/ | 557 
FollowNF 


libraries/A 
ctionLib.s 
ol 


contracts/ 
libraries/F 
ollowLib.s 
ol 


contracts/ 
libraries/ 
Governan 
ceLib.sol 


contracts/ 
libraries/L 
egacyColl 
ectLib.sol 


contracts/ 
libraries/ 
MetaTxLib 
‚sol 


contracts/ 
libraries/ 
Migration 
Lib.sol 


Main contract. Entry point for all social 
operations (like publishing, follow, etc) 
and events. Profile NFT collection. 


Follow NFT collection implementation, 
that is pointed by a Beacon proxy 
pattern by all Follow NFTs of all Lens 
Profiles. 


Library containing logic of Publication 
Actions. 


Library containing logic of Follow 
operations. 


Library containing logic of Governance 
operations. 


Library containing logic of Legacy Lens 
V1 Collect operations. 


Library containing logic of everything 
related to Meta-Transactions. 


Library that will be used to migrate and 
adjust some state after Lens V1 to Lens 
V2 upgrade. 
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Libraries used 


ActionLib, 
LegacyCollectLib, 
FollowLib, MetaTxLib, 
ProfileLib, 
PublicationLib, 
StorageLib, 
ValidationLib 


@openzeppelin/*, 
StorageLib, 
FollowTokenURILib 


StorageLib, 
ValidationLib 


StorageLib, 
ValidationLib 


StorageLib 


StorageLib, 
ValidationLib, 
@openzeppelin/* 


StorageLib, Typehash 


StorageLib 
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contracts/ Library containing logic of Profile StorageLib, 
libraries/P operations. ValidationLib 
rofileLib.s 

ol 

contracts/ Library for everything related to StorageLib, 
libraries/P Publication ValidationLib 
ublication (Posts/Comments/Quotes/Mirrors). 

Lib.sol 

contracts/ Library handling the storage 

libraries/S operations and helpers for getting and 

torageLib. setting storage slots. 

sol 

contracts/ Library containing logic of Validation. StorageLib, ProfileLib, 
libraries/V PublicationLib 
alidationLi 

b.sol 

contracts/ Library containing main custom error 

libraries/c definitions. 

onstants/ 

Errors.sol 

contracts/ Library containing main Events. 

libraries/c 

onstants/ 

Events.sol 

contracts/ Library containing the Typehash 

libraries/c constants for Meta-Transactions. 

onstants/ 

Typehash. 

sol 

contracts/ Library containing custom types, 

libraries/c enums and structs. 

onstants/ 

Types.sol 

contracts/ | 42 Base contract containing a generic - 

base/ERC implementation of ERC-2981. 

2981Colle 
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ctionRoyal 
ties.sol 


contracts/ 
base/Hub 
Restricted 
.sol 


contracts/ 
base/Lens 
BaseERC7 
21.sol 


contracts/ 
base/Lens 
Governabl 
e.sol 


contracts/ 
base/Lens 
HubEvent 
Hooks.sol 


contracts/ 
base/Lens 
HubStora 


ge.sol 


contracts/ 
base/Lens 
ImplGette 
rs.sol 


contracts/ 
base/Lens 


Profiles.so 
| 


contracts/ 
base/upgr 
adeability 
/FollowNF 
TProxy.sol 


l4 
220 
51 
21 
24 
16 
118 
5 
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Base contract containing logic to 
restrict functions to be only called by 
the LensHub. 


Base contract implementing ERC-721. 
Used by Lens Profiles (LensHub), 
Follow, and Collect NFTs. 


Base contract implementing 
governance operations. Part of the 
LensHub. 


Base contract implementing logic to 
hook events into the LensHub. Part of 
the LensHub. 


Base contract containing the last part 
of LensHub storage layout. Part of the 
LensHub. 


Base contract implementing getters for 


Follow and Legacy Collect NFT 
implementations. Part of the LensHub. 


Base contract implementing Lens 
Profiles collection. Part of the 
LensHub. 


Proxy implementing Beacon pattern to 
be used by each Follow NFT. 


MetaTxLib, 
@openzeppelin/* 


StorageLib, 
ValidationLib, 
GovernanceLib 


StorageLib 
StorageLib, 
ValidationLib, ProfileLib, 


ProfileTokenURILib, 
@openzeppelin/* 


@openzeppelin/* 


contracts/ 
misc/Imm 


23 


An Ownable contract to be inherited 
instead of OZ Ownable if the owner 
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utableOw shall be immutable. 
nable.sol 


contracts/ Legacy Collect NFT for Lens V1 @openzeppelin/* 
misc/Lega support. 

cyCollect 

NFT.sol 


contracts/ Lens V1 to V2 Migration functions. MigrationLib 
misc/Lens 

V2Migrati 

on.sol 


contracts/ Contract handling the V1 to V2 
misc/Lens upgrade procedure. 
V2Upgrad 

eContract 

.sol 


contracts/ Contract containing global Module- 
misc/Mod related values (fee, governance, etc). 
uleGlobal 

s.sol 


contracts/ A trusted whitelisted Proxy for Profile 
misc/Profi creation. 
leCreation 


Proxy.sol 


contracts/ An additional Ownable layer that has @openzeppelin/* 
misc/acce an owner and a manager. 

ss/Control 

lableByCo 

ntract.sol 


contracts/ A contract helper for safer Governance 
misc/acce during upgrades, operated by 
ss/Govern Governance MultiSig. 

ance.sol 


contracts/ A contract helper for safer upgrades, @openzeppelin/* 
misc/acce operated by ProxyAdmin Multisig. 

ss/ProxyA 

dmin.sol 
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contracts/ 
namespac 
es/LensH 

andles.sol 


contracts/ 
namespac 
es/Token 
HandleRe 
gistry.sol 


contracts/ 
namespac 
es/consta 
nts/Errors 
.sol 


contracts/ 
namespac 
es/consta 
nts/Events 
.sol 


contracts/ 
namespac 
es/consta 
nts/Types. 
sol 


contracts/ 
interfaces 
/ICollect 
Module.so 
| 


contracts/ 
interfaces 
/ICollectN 
FT.sol 


contracts/ 
interfaces 
/IERC721 


Code4rena | Lens Protocol V2 


Purpose 


Default namespace contract (".lens" 
Handles). 


Registry that links Tokens (so far, Lens 


Profiles) with Handles. 


Namespaces Errors. 


Namespaces Events. 


Namespaces Types. 
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Libraries used 


HandleTokenURILib, 
@openzeppelin/* 


@openzeppelin/* 
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Contract SLOC | Purpose braries used 
Burnable. 
sol 


contracts/ 
interfaces 
/IERC721 
MetaTx.so 
| 


contracts/ 
interfaces 

/IERC721T 
imestamp 

ed.sol 


contracts/ 
interfaces 

/\FollowM 

odule.sol 


contracts/ 
interfaces 
/\FollowN 
FT.sol 


contracts/ 
interfaces 
/ILegacyC 
ollectMod 
ule.sol 


contracts/ 
interfaces 
/ILegacyC 
ollectNFT. 
sol 


contracts/ 
interfaces 
/ILegacyF 
ollowMod 
ule.sol 


contracts/ 
interfaces 
/lLegacyR 
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eference 
Module.so 
| 


contracts/ 
interfaces 
/ILensERC 
721.sol 


contracts/ 
interfaces 
/ILensGov 
ernable.so 
| 


contracts/ 
interfaces 
/lLensHan 
dles.sol 


contracts/ 
interfaces 
/\LensHub 
‚sol 


contracts/ 
interfaces 
/\LensHub 
EventHoo 

ks.sol 


contracts/ 
interfaces 
/\LensHub 
Initializabl 
e.sol 


contracts/ 
interfaces 
/ILensimp 
IGetters.s 

ol 


contracts/ | 4 
interfaces 
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(^ ñ CIAA 


Contract Sl OU Pu roose L braries Used 
/ILensProf 
iles.sol 
contracts/ 
interfaces 
/ILensProt 
ocol.sol 
contracts/ | 3 
interfaces 
/IModule 
Globals.s 


contracts/ 


interfaces 
/\Publicati 
onAction 
Module.so 
| 


contracts/ 
interfaces 

/\Referenc 
eModule.s 


contracts/ 
interfaces 
/ITokenHa 
ndleRegis 
try.sol 


Everything inside contracts/modules , contracts/libraries/token-uris 
directories, and LensHubInitializable, VersionedInitializable, 


UIDataProvider contracts. 


contracts/modules/ActionRestricted.sol 
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contracts/modules/reference/TokenGatedReferenceModule.sol 
contracts/modules/interfaces/IBaseFeeCollectModule.sol 


contracts/modules/interfaces/IWMATIC.sol 


contracts/libraries/token-uris/FollowTokenURILib.sol 


contracts/libraries/token-uris/HandleTokenURILib.sol 
contracts/libraries/token-uris/ProfileTokenURILib.sol 
contracts/libraries/token-uris/TokenURIMainFontLib.sol 


contracts/libraries/token-uris/TokenURISecondaryFontLib.sol 
| 


contracts/misc/LensHublnitializable.sol 
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contracts/base/upgradeability/Versionedlnitializable.sol 


contracts/misc/UlDataProvider.sol 


Additional Context 
N/A (optional) 


Scoping Details 


- If you have a public code repo, please share it here: [TBA] (#TBA, 
- How many contracts are in scope?: 63 

- Total SLoC for these contracts?: 4108 

- How many external imports are there?: @ 

- How many separate interfaces and struct definitions are there foi 
- Does most of your code generally use composition or inheritance? 
- How many external calls?: 0 

- What is the overall line coverage percentage provided by your te: 
- Is this an upgrade of an existing system? Yes. We do in-place up} 
- Does it use a timelock function?: Yes 

- Is it an NFT?: Yes 

- Does the token conform to the ERC20 standard?: N/A (its ERC721) 

- Is there a need to understand a separate part of the codebase / | 
- Please describe required context: Upgrade from Lens V1 to V2 wil. 
- Does it use an oracle?: No 

- Are there any novel or unique curve logic or mathematical models 
- Is it a fork of a popular project?: No 

- Does it use a side-chain?: Uses EVM-compatible chain (Polygon). 


Setup 


1. Clone the repository: 


git clone https://github.com/code-423n4/2023-07-lens.git 
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2. Install Foundry by following the instructions from their repository. 


curl -L https://foundry.paradigm.xyz | bash 
foundryup 


Install dependencies in submodules 


You can do it either with forge: 
forge install 
or directly with git: 


git submodule update --init --recursive 


Build 


You can compile the project using: 
forge build 


You will notice a warning about LensHublnitializable exceeding code size 
(anyways, this file is out of the scope for this audit). To avoid the warning, 
compile Via IR (it will take more time): 


forge build --via-ir 


During the deployment we will compile with --via-ir and tweak the 
optimizer runs for optimum gas performance while still keeping the contract 
size under the limit. 
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Test 


You can run unit tests using: 


forge test 


Coverage 


You can run coverage using: 


forge coverage 


Slither 


If you run slither . it will output an error. As a workaround, at the time of 
writing this, you need to follow these steps. 


1. Have latest foundry version, update it with the following command: 
foundryup 


2. Run slither after compiling excluding test/ and contract/modules/ 
directories (which are out of the scope of this audit anyways): 


forge build --build-info --skip '*/test/**' --skip '*/modules/**' 


Docs 


You can go to our docs (still VI) to learn more about Lens Protocol. 


Upgrade from Lens VI to V2 will be done in-place using a transparent proxy 
pattern, knowdlege about Lens V1 is required in the context of upgrade and 
migration success, including unexpected breaking changes. 
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